Link for an every peertube asset, ether video or Live stream, can be copied and played outside of the origin instance using any hls-capable player.
It introduces a few issues:
- content can’t be properly limited to « internal » or authenticated users
- extra load (which will bypass p2p) to the origin will be created in case of origin URL placed into another internet resouce
To have a stream-key for each « view » user session, like Live stream-key used currently for a stream publishing.
- One stream « play » event user gets unique « view-session » is attached to the url as query and associated with the user
- Nginx allows requests for .ts files only with the « ?session=ZMi1HCOyjbYvr1PSYpb6Ow&t=1624883520 », where session is the nginx’s secure_link calculated using user’s auth token+content_id and t is the unix time session is valid (say it’s 3mins)
- Every « watching » PUT request should update the session by issuing the new session and extend t (session validity time)